Fraudulent use of communication networks is a problem of staggering proportions. Using telecommunications networks as an example, costs associated with fraud are estimated at billions of dollars a year and growing. Given the tremendous financial liability, the telecommunications industry continues to seek ways for reducing the occurrence of fraud while at the same time minimizing disruption of service to legitimate subscribers.
Although there are many forms of telecommunications fraud, two of the most prevalent types or categories of fraud in today's networks are theft-of-service fraud and subscription fraud. For example, theft-of-service fraud may involve the illegitimate use of calling cards, cellular phones, or telephone lines (e.g., PBX lines), while subscription fraud may occur when a perpetrator who never intends to pay for a service poses as a new customer. This latter type of fraud has been particularly difficult to detect and prevent because of the lack of any legitimate calling activity in the account that could otherwise be used as a basis for differentiating the fraudulent activity. In either case, losses attributable to these types of fraud are a significant problem.
Many companies boast of superior fraud management in their product offerings; however, the fact remains that a comprehensive fraud management system does not exist which addresses the operational and economic concerns of service providers and customers alike. For example, a common disadvantage of most systems is that detection of fraud occurs after a substantial amount of fraudulent activity has already occurred on an account. Moreover, many fraud prevention measures implemented in today's systems are quite disruptive to the legitimate customer. As a result, customer "churn" may result as customers change service providers in search of a more secure system.
In general, the shortcomings of prior systems are readily apparent in terms of the amount of time that is required to detect and respond to fraud. For example, fraud detection based on customer feedback from monthly bills is not an acceptable approach to either service providers or customers. Automated fraud detection systems based on "thresholding" techniques are also not particularly helpful in managing fraud on a real-time or near real-time basis. For example, thresholding typically involves aggregating traffic over time (e.g., days, weeks, months), establishing profiles for subscribers (e.g., calling patterns), and applying thresholds to identify fraud. These systems are not viewed as being particularly effective because legitimate users can generate usage that exceeds the thresholds and the amount of fraud that can occur prior to detection and prevention is high (see. e.g., U.S. Pat. No. 5,706,338, "Real-Time Communications Fraud Monitoring System" and U.S. Pat. No. 5,627,886, "System and Method for Detecting Fraudulent Network Usage Patterns Using Real-Time Network Monitoring").
Although speed in detecting fraud may be improved by using technologies such as neural networking, statistical analysis, memory-based reasoning, genetic algorithms, and other data mining techniques, improved fraud detection alone does not completely solve the problem. In particular, even though systems incorporating these techniques may receive and process individual call data on a near real-time basis in an attempt to detect fraud, these systems still do not respond to the detected fraud on a real-time or near real-time basis. In one example, a system may generate an alert to an investigator in a network monitoring or operations center. However, the alerts will generally not be examined or acted upon immediately, thereby resulting in a significant amount of latency in responding to the detected fraud. Because of the reactive nature of these systems in responding to detected fraud, a considerable amount of financial loss is still incurred by service providers and customers after the alert is generated. Furthermore, automated prevention based on inaccurate detection will result in the disruption of service to legitimate subscribers.